ef3e5ed87fcb07f2912ecd1751128078_JaffaCakes118 | Triage

Sharing

General

Target

ef3e5ed87fcb07f2912ecd1751128078_JaffaCakes118
Size

323KB
MD5

ef3e5ed87fcb07f2912ecd1751128078
SHA1

74913ec1a2761cdb8845fd7556ebad86e0acdf9f
SHA256

299e7727cdc3b134ba0689602d54eed6fe87a6d24623e746236271f4b2a5cb63
SHA512

353410768ddd8399411e3ea1800c6880f5e8b54a59b5a8c7f3830974bdbd10c18b54bdcdaad351c1b16e8e2e0c504cc6ff2e86dee168439df2f44544c4972e35
SSDEEP

6144:C1zsjM5Wn9pTkDTuvlxT0JsC09jbkejROnstdC0s:YsjtXTkDTuzT0kdbkehtdD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef3e5ed87fcb07f2912ecd1751128078_JaffaCakes118

Files

ef3e5ed87fcb07f2912ecd1751128078_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.nsp0
Size: - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WYCao
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ